[
https://issues.apache.org/jira/browse/HDDS-11356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17875668#comment-17875668
]
Ethan Rose commented on HDDS-11356:
-----------------------------------
I've left this Jira under the top level docs section for now, since I'm not
sure where to put it yet. My first guess would be {{Developer Guide/Project}}
but that will probably not be visible enough. Other options could be to place
it under the Admin Guide or Core Concepts.
> Document Ozone's security model
> -------------------------------
>
> Key: HDDS-11356
> URL: https://issues.apache.org/jira/browse/HDDS-11356
> Project: Apache Ozone
> Issue Type: Sub-task
> Reporter: Ethan Rose
> Priority: Major
>
> As described in the [ASF Security
> Wiki|https://cwiki.apache.org/confluence/display/SECURITY/Documenting+your+security+model],
> we should add a page documenting the assumptions and guarantees Ozone makes
> in regards to security. This will help admins and people who report suspected
> vulnerabilities. A good example is given in the doc:
> bq. Are logs intended to be safe to expose to users with read-only
> authorization, or may they contain credentials?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
